Esempio n. 1
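def groups(request, file):
    """Write every wiki group, with its users and IP entries, to `file` as XML.

    For each name returned by user.getGroupList(request) a <group> element is
    written, followed by whatever group_defaults() emits, then one <user/>
    element per member name and one <user type="IP"/> element per IP entry.

    All attribute text goes through generate_attributes().
    NOTE(review): group and user names end up inside XML attributes, so
    generate_attributes() is presumably responsible for escaping them --
    confirm against its definition.
    """
    file.write('<groups>\n')
    for groupname in user.getGroupList(request):
        group = wikiacl.Group(groupname, request, fresh=True)
        file.write('<group %s>\n' % generate_attributes({'name': groupname}))
        group_defaults(group, request, file)
        for username in group.users():
            file.write('<user %s/>\n' % generate_attributes({'id': username}))
        # Emit the IP itself. The earlier version wrote `username` here, which
        # repeated the last user of the previous loop for every IP (or raised
        # NameError when no user had been seen yet), so the exported IP list
        # was wrong.
        for ip in group.get_ips().keys():
            file.write('<user %s/>\n' % generate_attributes({
                'id': ip,
                'type': 'IP'
            }))

        file.write('</group>\n')
    file.write('</groups>\n')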
Esempio n. 2
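    def handleData(self):
        """Store the submitted default rights for every group in the wiki config.

        Nothing happens unless the requesting user's name is in the "Admin"
        group; in that case the method falls through and returns None.
        For an admin, every group starts with no rights (Admin with all four),
        each `<quoted group>_may_<action>` form key switches one right on, and
        the result is written to the live configuration.

        Returns the translated confirmation message after a successful save.

        NOTE(review): no request-method or anti-CSRF check is visible in this
        method; confirm the caller enforces one, because the change takes
        effect immediately.
        """
        _ = self._
        form = self.request.form

        if self.request.user.name in wikiacl.Group("Admin", self.request):
            grouplist = user.getGroupList(self.request)

            # initialize default rights
            default_rights = {}
            for groupname in grouplist:
                if groupname == 'Admin':
                    default_rights['Admin'] = [True, True, True, True]
                else:
                    default_rights[groupname] = [False, False, False, False]

            for key in form:
                for action in ('read', 'edit', 'delete', 'admin'):
                    suffix = '_may_%s' % action
                    if key.endswith(suffix):
                        break
                else:
                    # not a rights checkbox
                    continue

                # Strip exactly the trailing suffix. Searching for its first
                # occurrence cut the name short whenever the quoted group
                # name itself contained the suffix text.
                groupname = unquoteWikiname(key[:-len(suffix)])
                # is valid group?
                # NOTE(review): every right, including 'admin', is accepted
                # for any name in grouplist; confirm that granting 'admin'
                # to built-in groups through this handler is intended.
                if groupname in grouplist:
                    default_rights[groupname][ACL_RIGHTS_TABLE[action]] = True

            for groupname in default_rights:
                default_rights[groupname] = tuple(default_rights[groupname])

            self.request.config.acl_rights_default = default_rights
            # sets the config -- becomes active as soon as this line is
            # executed!
            self.request.config.set_config(self.request.config.wiki_name,
                                           self.request.config.get_dict(),
                                           self.request)

            return _("Security settings updated!")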
Esempio n. 3
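def groups(request, file):
    """Serialize all wiki groups to `file` as a <groups> XML fragment.

    Each group from user.getGroupList(request) becomes a <group> element that
    contains the output of group_defaults(), one <user/> per member name and
    one <user type="IP"/> per IP entry of the group.

    NOTE(review): names are placed in XML attributes via
    generate_attributes(); escaping is assumed to happen there -- confirm.
    """
    file.write('<groups>\n')
    group_list = user.getGroupList(request)
    for groupname in group_list:
        group = wikiacl.Group(groupname, request, fresh=True)
        file.write('<group %s>\n' %
                   generate_attributes({'name': groupname}))
        group_defaults(group, request, file)
        for username in group.users():
            file.write('<user %s/>\n' % generate_attributes(
                                    {'id': username}))
        for ip in group.get_ips().keys():
            # Use the loop variable `ip`; the id was previously taken from
            # `username`, a leftover of the loop above, so IP entries were
            # exported with a user name (or failed with NameError when the
            # first group had no users).
            file.write('<user %s/>\n' % generate_attributes(
                                    {'id': ip,
                                     'type': 'IP'}))

        file.write('</group>\n')
    file.write('</groups>\n')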
Esempio n. 4
    def asHTML(self):
        """
        Build the group-management form and return it as an HTML string.

        The rows are only added when the requesting user's name is in the
        "Admin" group; for anyone else the form is returned without them.
        """
        _ = self._
        self.make_form()

        groups_pagename = "%s/%s" % (config.wiki_settings_page,
            config.wiki_settings_page_security_defaults)

        def member_row(label, field, entries):
            # One textarea row listing `entries`, HTML-escaped, one per line.
            box = html.TEXTAREA(name=field, rows="6", cols="40",
                                id=field).append(
                                    '\n'.join(map(wikiutil.escape, entries)))
            self.make_row(label, [box], option_text=_("(one per line)"))

        def submit_row(caption):
            # A row holding a single submit button named 'save'.
            self.make_row('', [
                html.INPUT(type="submit", name='save', value=caption),
                ' ',
            ])

        is_admin = self.request.user.name in wikiacl.Group("Admin",
                                                           self.request)
        if is_admin:
            admins = wikiacl.Group("Admin", self.request, fresh=True)
            member_row(_("Admins"), "group_Admin",
                       admins.users(proper_names=True))

            banned = wikiacl.Group("Banned", self.request, fresh=True)
            member_row(_("Banned Users"), "group_Banned",
                       banned.users(proper_names=True))
            member_row(_("Banned IP Addresses"), "ips_banned",
                       banned.get_ips().keys())

            for groupname in user.getGroupList(self.request,
                                               exclude_special_groups=True):
                group = wikiacl.Group(groupname, self.request, fresh=True)
                quoted = quoteWikiname(groupname)
                # NOTE(review): this is a plain link, so following it asks for
                # the deletion with a GET query parameter and no token is
                # added here; confirm the handler requires a POST or an
                # anti-CSRF check before deleting.
                delete_label = ('<span class="minorActionBox">[<a href="%s/'
                                '%s?action=usergroupsettings&delete=%s">'
                                'delete group</a>]</span>') % (
                                    self.request.getScriptname(),
                                    quoteWikiname(groups_pagename),
                                    quoted)
                # The visible name is escaped; the link markup is passed
                # through as HTML.
                row_label = '%s %s' % (wikiutil.escape(groupname),
                                       delete_label)
                member_row(row_label, "group_%s" % quoted,
                           group.users(proper_names=True))

            submit_row(_('Save Groups'))

            self._inner.append(html.H2().append("Create a new group"))

            self.make_row(_("Group name"), [
              html.INPUT(type="text", size="40", name="new_group_name"),
            ])

            self.make_row('Group users', [
              html.TEXTAREA(name="new_group_users", rows="6", cols="40")
            ])

            submit_row(_('Add new group'))

        return str(self._form)
Esempio n. 5
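    def asHTML(self):
        """
        Create the complete HTML form code for the default security settings.

        Returns an empty string unless the requesting user's name is in the
        "Admin" group. For an admin the form holds one row of rights
        checkboxes for All, Known and Banned (read / edit / delete) and one
        row per custom group (additionally 'change security'), followed by a
        save button.

        NOTE(review): no anti-CSRF token is added to the form in this method;
        confirm whether make_form() or the submit handler supplies one.
        """
        _ = self._
        self.make_form()

        if self.request.user.name not in wikiacl.Group("Admin", self.request):
            return ''

        basic_actions = (('read', 'read'), ('edit', 'edit'),
                         ('delete', 'delete'))
        custom_actions = basic_actions + (('admin', 'change security'),)

        def rights_cells(field_prefix, rights, actions):
            # One checkbox plus its text label per action; `rights` is
            # indexed through ACL_RIGHTS_TABLE to decide the checked state.
            cells = []
            for action, label in actions:
                cells.append(html.INPUT(
                    type="checkbox",
                    name="%s_may_%s" % (field_prefix, action),
                    value=1,
                    checked=rights[ACL_RIGHTS_TABLE[action]]))
                cells.append(label)
            return cells

        defaults = self.request.config.acl_rights_default
        self._inner.append(html.Raw('<div class="securitySettings">'))
        self.make_row(_("Everybody may:"),
                      rights_cells('All', defaults['All'], basic_actions))
        self.make_row(_("Logged in people may:"),
                      rights_cells('Known', defaults['Known'], basic_actions))
        self.make_row(_("Banned people may:"),
                      rights_cells('Banned', defaults['Banned'],
                                   basic_actions))

        custom_groups = user.getGroupList(self.request,
            exclude_special_groups=True)
        for groupname in custom_groups:
            group = wikiacl.Group(groupname, self.request, fresh=True)
            # Translate the template first and fill in the (escaped) name
            # afterwards; formatting before the lookup meant the catalog was
            # asked for a string that already contained the group name.
            label = _("People in the %s group may:") % (
                wikiutil.escape(groupname))
            self.make_row(label,
                          rights_cells(quoteWikiname(groupname),
                                       group.default_rights(),
                                       custom_actions))

        self._inner.append(html.Raw("</div>")) # close securitySettings div

        # Add buttons
        self.make_row('', [
            html.INPUT(type="submit", name='save', value=_('Save Settings')),
            ' ',
        ])

        return str(self._form)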
Esempio n. 6
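    def handleData(self):
        """Apply the group-management form: delete, update or create groups.

        Acts only when the requesting user's name is in the "Admin" group;
        otherwise nothing is changed and None is returned implicitly.

        With a non-empty `delete` parameter the named custom group is removed
        from the default rights and the configuration is saved. Otherwise
        every `group_<quoted name>` field replaces that group's member list,
        `ips_banned` replaces the banned IP list, groups for which no field
        arrived are emptied, and `new_group_name` / `new_group_users` create
        a new group.

        Returns a status or error message string.

        NOTE(review): no request-method or anti-CSRF check is visible here;
        confirm the caller enforces one, since both paths change access
        control.
        NOTE(review): validation errors return from inside the loop, so
        groups handled before the offending field stay saved.
        """
        _ = self._
        form = self.request.form

        def clean_names(raw):
            # Stripped, non-blank lines of `raw`; None if any line is longer
            # than 100 characters.
            names = []
            for line in raw.split('\n'):
                line = line.strip()
                if len(line) > 100:
                    return None
                if line:
                    names.append(line)
            return names

        if self.request.user.name in wikiacl.Group("Admin", self.request):
            if 'delete' in form and form['delete']:
                # delete user group
                requested = form['delete'][0]
                delete_group = unquoteWikiname(requested)
                # Only custom groups may be deleted. Without this check an
                # unknown name raised KeyError and a built-in group name
                # removed that group's default rights.
                removable = user.getGroupList(self.request,
                    exclude_special_groups=True)
                if delete_group not in removable:
                    return _("Invalid group name.")
                del self.request.config.acl_rights_default[delete_group]
                # process altered configuration
                # TODO: abstract this into Groups-y class.
                self.request.config.set_config(self.request.config.wiki_name,
                                               self.request.config.get_dict(),
                                               self.request)
                # NOTE(review): the message carries the request value as
                # submitted; confirm the caller escapes it before display.
                return 'User group "%s" deleted.' % (requested)

            else:
                grouplist_all = user.getGroupList(self.request)
                grouplist = copy(grouplist_all)

                # remove immutable groups
                grouplist.remove("All")
                grouplist.remove("Known")

                new_group_name = None
                new_group_dict = None
                for key in form:
                    if key.startswith('group_'):
                        groupname = unquoteWikiname(key[len('group_'):])
                        if len(groupname) > 100:
                            return _("Group names must be less than 100 "
                                     "characters.")
                        if groupname not in grouplist:
                            continue  # throw out invalid group names
                        # keep track of empty textarea responses
                        grouplist.remove(groupname)
                        members = clean_names(form[key][0])
                        if members is None:
                            return _("User names must be less than 100 "
                                     "characters.")
                        # group dictionary: lower-cased member name -> None
                        group_dict = dict.fromkeys(
                            [member.lower() for member in members])

                        group = wikiacl.Group(groupname, self.request,
                                              fresh=True)
                        group.update(group_dict)
                        group.save()
                    elif key == 'ips_banned':
                        ips_banned = {}
                        for ip in form['ips_banned'][0].split('\n'):
                            ip = ip.strip()
                            if not ip:
                                # A blank or trailing line is not an entry;
                                # it used to reject the whole submission.
                                continue
                            if not web.isIpAddress(ip):
                                # Translate the template, then insert the
                                # value, so the catalog lookup can match.
                                return _('Invalid IP address "%s" '
                                         'entered.') % (ip)
                            ips_banned[ip] = None

                        group = wikiacl.Group("Banned", self.request,
                                              fresh=True)
                        group.update_ips(ips_banned)
                        group.save()
                    elif key == 'new_group_name':
                        new_group_name = form['new_group_name'][0].strip()
                        if len(new_group_name) > 100:
                            return _("Group names must be less than 100 "
                                     "characters.")
                        elif new_group_name in grouplist_all:
                            return _("Group %s already exists.") % (
                                new_group_name)
                    elif key == 'new_group_users':
                        new_members = clean_names(form['new_group_users'][0])
                        if new_members is None:
                            return _("User names must be less than 100 "
                                     "characters.")
                        new_group_dict = dict.fromkeys(
                            [member.lower() for member in new_members])

                # NOTE(review): every group still in grouplist -- any group
                # whose field was absent from the request, Admin included --
                # is emptied here; confirm that a partial submission cannot
                # reach this point.
                for emptygroupname in grouplist:
                    group = wikiacl.Group(emptygroupname, self.request)
                    group.update({})
                    group.save()

                if new_group_name:
                    new_group = wikiacl.Group(new_group_name, self.request)
                    if new_group_dict:
                        new_group.update(new_group_dict)
                    new_group.save()

                return _("User groups updated!")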
Esempio n. 7
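def execute(pagename, request):
    """Show, or save, the per-page security settings form for `pagename`.

    Users without admin permission on the page only get an error message.
    When the request carries a `button` field the submitted checkboxes are
    turned into a {group: [read, edit, delete, admin]} mapping and passed to
    wikiacl.setACL(); otherwise the form is rendered with the current rights
    of "All", "Known" and every custom group.

    NOTE(review): the save path is selected by the presence of `button`
    alone; no request-method or anti-CSRF check is visible here -- confirm
    one is enforced elsewhere.
    """
    _ = request.getText
    page = Page(pagename, request)
    actname = __name__.split('.')[-1]
    if not request.user.may.admin(page):
        msg = _("You don't have admin permissions on this page, "
                "so you cannot change security settings.")
        return page.send_page(msg)

    def escape_html(text):
        # Minimal HTML escaping for text placed in the form markup. Kept
        # local because this function cannot see the module's imports; use
        # the project's own escaping helper instead if one is in scope.
        return (text.replace('&', '&amp;').replace('<', '&lt;')
                    .replace('>', '&gt;').replace('"', '&quot;'))

    custom_groups = user.getGroupList(request, exclude_special_groups=True)
    grouplist = ['All', 'Known'] + custom_groups
    right_suffixes = (('_may_read', 'read'), ('_may_edit', 'edit'),
                      ('_may_delete', 'delete'), ('_may_admin', 'admin'))

    if 'button' in request.form:
        # process save
        groups = []
        groups_dict = {}
        for key in request.form:
            if key.endswith('_groupname'):
                groupname = unquoteWikiname(key[:-len('_groupname')])
                # Accept only the groups this form renders.
                if groupname in grouplist:
                    groups.append(groupname)
                continue

            for suffix, dowhat in right_suffixes:
                if key.endswith(suffix):
                    break
            else:
                continue

            groupname = unquoteWikiname(key[:-len(suffix)])
            # The submitted names are request data: ignore groups that do
            # not exist, and ignore 'admin' for All/Known, which the form
            # deliberately never offers.
            if groupname not in grouplist:
                continue
            if dowhat == 'admin' and groupname not in custom_groups:
                continue

            if groupname not in groups_dict:
                groups_dict[groupname] = [False, False, False, False]

            groups_dict[groupname][ACL_RIGHTS_TABLE[dowhat]] = True

        # set groups we weren't sent any checkboxes for to
        # all false (nothing checked)
        for groupname in groups:
            if groupname not in groups_dict:
                groups_dict[groupname] = [False, False, False, False]

        wikiacl.setACL(pagename, groups_dict, request)
        return page.send_page(
            msg = _("Security settings sucessfully changed!"))

    # The page name comes from the request and the group names from stored
    # settings; both are escaped before being placed in the HTML message.
    formhtml = ['<h3>Security settings for "%s":</h3>' %
                escape_html(pagename)]

    button = _("Save")
    url = page.url()
    d = {'url': url, 'actname': actname, 'button': button}
    formhtml.append('<form method="POST" action="%(url)s">\n'
                    '<input type="hidden" name="action" value="%(actname)s">\n'
                    % d)

    for groupname in grouplist:
        # "All" and "Known" are a bit condense
        if groupname == 'All':
            written_groupname = 'Everybody'
        elif groupname == 'Known':
            written_groupname = 'Logged in people'
        else:
            written_groupname = groupname

        group = wikiacl.Group(groupname, request, fresh=True)
        quoted = quoteWikiname(groupname)

        formhtml.append('<h6>%s</h6>' % escape_html(written_groupname))
        formhtml.append('<input type="hidden" name="%s_groupname" '
                        'value="1">' % quoted)

        rights = [('read', ' read '), ('edit', ' edit '),
                  ('delete', ' delete ')]
        # we want to show the 'change security' option only if
        # it makes some sense
        if groupname in custom_groups:
            rights.append(('admin', ' change security '))

        for right, label in rights:
            if group.may(page, right):
                formhtml.append('<input type="checkbox" checked '
                                'name="%s_may_%s" value="1">' %
                                (quoted, right))
            else:
                formhtml.append('<input type="checkbox" name="%s_may_%s" '
                                'value="1">' % (quoted, right))
            formhtml.append(label)

    formhtml.append(
        '<p><input type="submit" name="button" value="%(button)s">\n'
        '</p>\n'
        '</form>' % d)

    page.send_page(msg=''.join(formhtml))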
Esempio n. 8
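def execute(pagename, request):
    """Show, or save, the per-page security settings form for `pagename`.

    Users without admin permission on the page only get an error message.
    When the request carries a `button` field the submitted checkboxes are
    turned into a {group: [read, edit, delete, admin]} mapping and passed to
    wikiacl.setACL(); otherwise the form is rendered with the current rights
    of "All", "Known" and every custom group.

    NOTE(review): the save path is selected by the presence of `button`
    alone; no request-method or anti-CSRF check is visible here -- confirm
    one is enforced elsewhere.
    """
    _ = request.getText
    page = Page(pagename, request)
    actname = __name__.split('.')[-1]
    if not request.user.may.admin(page):
        msg = _("You don't have admin permissions on this page, "
                "so you cannot change security settings.")
        return page.send_page(msg)

    def escape_html(text):
        # Minimal HTML escaping for text placed in the form markup. Kept
        # local because this function cannot see the module's imports; use
        # the project's own escaping helper instead if one is in scope.
        return (text.replace('&', '&amp;').replace('<', '&lt;')
                    .replace('>', '&gt;').replace('"', '&quot;'))

    custom_groups = user.getGroupList(request, exclude_special_groups=True)
    grouplist = ['All', 'Known'] + custom_groups
    right_suffixes = (('_may_read', 'read'), ('_may_edit', 'edit'),
                      ('_may_delete', 'delete'), ('_may_admin', 'admin'))

    if 'button' in request.form:
        # process save
        groups = []
        groups_dict = {}
        for key in request.form:
            if key.endswith('_groupname'):
                groupname = unquoteWikiname(key[:-len('_groupname')])
                # Accept only the groups this form renders.
                if groupname in grouplist:
                    groups.append(groupname)
                continue

            for suffix, dowhat in right_suffixes:
                if key.endswith(suffix):
                    break
            else:
                continue

            groupname = unquoteWikiname(key[:-len(suffix)])
            # The submitted names are request data: ignore groups that do
            # not exist, and ignore 'admin' for All/Known, which the form
            # deliberately never offers.
            if groupname not in grouplist:
                continue
            if dowhat == 'admin' and groupname not in custom_groups:
                continue

            if groupname not in groups_dict:
                groups_dict[groupname] = [False, False, False, False]

            groups_dict[groupname][ACL_RIGHTS_TABLE[dowhat]] = True

        # set groups we weren't sent any checkboxes for to
        # all false (nothing checked)
        for groupname in groups:
            if groupname not in groups_dict:
                groups_dict[groupname] = [False, False, False, False]

        wikiacl.setACL(pagename, groups_dict, request)
        return page.send_page(msg=_("Security settings sucessfully changed!"))

    # The page name comes from the request and the group names from stored
    # settings; both are escaped before being placed in the HTML message.
    formhtml = ['<h3>Security settings for "%s":</h3>' %
                escape_html(pagename)]

    button = _("Save")
    url = page.url()
    d = {'url': url, 'actname': actname, 'button': button}
    formhtml.append(
        '<form method="POST" action="%(url)s">\n'
        '<input type="hidden" name="action" value="%(actname)s">\n' % d)

    for groupname in grouplist:
        # "All" and "Known" are a bit condense
        if groupname == 'All':
            written_groupname = 'Everybody'
        elif groupname == 'Known':
            written_groupname = 'Logged in people'
        else:
            written_groupname = groupname

        group = wikiacl.Group(groupname, request, fresh=True)
        quoted = quoteWikiname(groupname)

        formhtml.append('<h6>%s</h6>' % escape_html(written_groupname))
        formhtml.append('<input type="hidden" name="%s_groupname" '
                        'value="1">' % quoted)

        rights = [('read', ' read '), ('edit', ' edit '),
                  ('delete', ' delete ')]
        # we want to show the 'change security' option only if
        # it makes some sense
        if groupname in custom_groups:
            rights.append(('admin', ' change security '))

        for right, label in rights:
            if group.may(page, right):
                formhtml.append('<input type="checkbox" checked '
                                'name="%s_may_%s" value="1">' %
                                (quoted, right))
            else:
                formhtml.append('<input type="checkbox" name="%s_may_%s" '
                                'value="1">' % (quoted, right))
            formhtml.append(label)

    formhtml.append(
        '<p><input type="submit" name="button" value="%(button)s">\n'
        '</p>\n'
        '</form>' % d)

    page.send_page(msg=''.join(formhtml))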